What to do when your Joomla! website is hacked

Intrusion attempts often succeed because of known exploits in outdated Joomla! releases or third-party extensions. It’s essential that Joomla! administrators to keep the core platforms and installed extensions updated at all times. In this article, we’ll show you what to do when your Joomla website is hacked. 

If your Joomla! website is hacked, there are steps you can take to recover and protect the site. The quickest solution is to take advantage of HostPapa’s Protection Power, an emergency malware recovery service delivered by independent security experts. The service automatically scans your website files and folders, detecting and removing known exploits and suspicious files.

Once your site has been recovered, you should protect the platform with an ongoing service that supports daily vulnerability scans, automatic malware detection and removal, a web application firewall, basic distributed denial of service (DDoS) monitoring, and SSL certification.

With your site fully protected, upgrade the core Joomla! platform and extensions to the latest release by following this HostPapa Knowledge Base article: How to upgrade Joomla!

Be sure to also read our guide to securing Joomla! which includes practical advice and handy tips for platform administrators: Security checklist for your Joomla! installation.

Finally, head to the Joomla! back-end, click the user account icon in the top toolbar (the person icon on the right of the page) and select Edit Account to change your password.

All site administrators should also change their passwords to safeguard the site from future attacks.

If you need help with your HostPapa account, please open a support ticket from your dashboard.

Related Articles